PT-2026-56694 · Tumf · Mcp-Text-Editor

Geochen

·

Publicado

2026-07-09

·

Atualizado

2026-07-09

·

CVE-2026-15138

CVSS v2.0

7.5

Alta

VetorAV:N/AC:L/Au:N/C:P/I:P/A:P
A security vulnerability has been detected in tumf mcp-text-editor up to 1.0.2. This issue affects the function validate file path of the file mcp text editor/text editor.py. Such manipulation of the argument file path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor closed the GitHub issue for this vulnerability without any explanation.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15138

Produtos afetados

Mcp-Text-Editor